framework-integrations

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes code and endpoints that fetch and process arbitrary external URLs/user-provided data (e.g., templates/fastapi-background.py's async_api_call and /api/fetch-external-data, templates/django-integration/tasks.py fetch_external_data(api_url), templates/flask-context.py mixed_context_task using requests.get(external_api_url), and the examples/fastapi-async.md webhook long_task), so it ingests untrusted third-party content as part of its workflow.